technology decisions aug/sep 2014

1

AUG/SEP 2014VOL.2 NO.6PP100009359

I T l e a d e r s h i p & i n n o v a t i o n

THE

BREACH BILL

Data centre virtualisation

Viability of mobile biometrics

Identity management solutions

Prepare to declare

2

http://www.good.com/cio

3

10 | Cool data centre in the heart of Melbourne

12 | Peer2Peer: Nicko van Someren, Good Technology

24 | Archiving system keeps council in the Act

26 | A holistic approach to data centre virtualisation

and DCIM

30 | Leaping the bandwidth and backup hurdles

31 | Mobile biometrics - assessing the technologies

34 | Managing IT resources better by outsourcing

What would you do if you

discovered a major breach of

your IT security, leading to

the theft of sensitive customer

data? Obviously, you’d try to

plug the leak and ensure it

didn’t happen again. But if

legislation before the federal

parliament is passed, you’ll also need to disclose the

breach to your customers. After all, don’t they have a

right to know?

Mandatory data breach reporting laws are growing in

popularity around the world. The Privacy Amendment

(Privacy Alerts) Bill 2014 currently before parliament

would require that “agencies or organisations that suffer

a serious data breach would have to notify the affected

individuals and the Office of the Australian Informa-

tion Commissioner (OAIC)”, amongst other actions,

with potentially severe penalties for failing to do so.

This comes on the back of research released in August

2014 showing that, worldwide, 375 million customer

records were stolen or lost in the first half of 2014

through 559 major breaches. That same research found

that 65% of customers, upon learning that sensitive

personal information had been stolen, would never do

business with that firm or agency again.

It’s something we all have to take very seriously.

Jonathan Nally, Editor

I N S I D Ea u g / s e p 2 0 1 4

w w w . t e c h n o l o g y d e c i s i o n s . c o m . a u

04 | The Breach BillIf legislation before the Senate passes,

Australian businesses will be required

to publicly disclose any data breaches

they suffer.

F E A T U R E S

20 | Data centre decisionsThe cloud and virtualisation are

changing the data centre landscape,

but the technology is not necessarily

the most important aspect.

cove

r im

age:

©al

ph

asp

irit

/Dol

lar

Ph

oto

Clu

b

14 | Consumer identity managementThe explosion of mobile, social,

cloud and big data is challenging all

of us to come up with new customer-

facing solutions

ALSO available in DIGITALThis magazine and a complete library of back issues are available in

digital format at

www.technologydecisions.com.au/latest_issue

This issue’s eMag is proudly sponsored by

http://now.informatica.com/14Q3-Smr-APJ-AU-INFAWorldTourSYD-Reg.html?Source=techd

http://now.informatica.com/ 14Q3-Smr-APJ-AU-INFAWorldTourSYD-Reg.html?Source=techd

4

This issue is sponsored by — Informatica — http://now.informatica.com/14Q3-Smr-APJ-AU-INFAWorldTourSYD-Reg.html?Source=techd

Andrew Collins

If legislation for mandatory data

breach reporting currently before the

Senate passes, Australian businesses

will be required to publicly disclose

any data breaches they suffer.

The Breach BillMandatory data breach reporting may soon be here

Mandatory data breach re-

porting laws have been

growing increasingly popu-

lar elsewhere in the world

- they’re even becoming the norm in the US.

In 2003 the state of California introduced a

law requiring businesses and state agencies

to notify Californians if their unencrypted

personal information is compromised in a

security breach.

Since then more US states have followed suit,

with a total of 47 now having mandatory

data breach notification laws, according

to the US National Conference of State

Legislatures.

Similar laws have been on the Australian

horizon for some time. In May 2008 the

Australian Law Reform Commission rec-

ommended the introduction of laws that

require organisations to notify authorities

and affected individuals if a breach occurred

and if those individuals could experience

serious harm as a result.

In June 2013, then-Labor minister and At-

torney-General Mark Dreyfus introduced

5


“The Bi l l should be passed rather than re jected, but i f

passed should be substant ia l ly amended to address some

of i t s shor tcomings.” - Cyberspace Law and Pol icy Centre

notify the affected individuals and the

Office of the Australian Information

Commissioner (OAIC).

• Notification would only be required if a

breach was “serious”.

• A breach notification would have to

include a description of the breach, the

kinds of information involved, recom-

mendations about steps that affected

individuals should take in response to

the breach, and contact details of the

breached organisation.

• The commissioner could direct an organi-

sation to provide affected individuals with

notification of a data breach.

• Law enforcement agencies could be ex-

empt from notification if they felt it could

impede some enforcement related activity.

• The commissioner could excuse an

organisation from notification if he/she

felt it was in the public interest to do so.

• The commissioner could investigate fail-

ures to notify, and such an investigation

could lead to compensation payments

and enforceable undertakings.

• Serious or repeated non-compliance

with notification requirements could

lead to a civil penalty being imposed

by a court.

ConsultationThe 2014 Bill has not had any public

consultation. But a Senate Committee did

take submissions on the previous incar-

nation of the Bill - it attracted support

from some corners and criticism from a

variety of privacy and business groups.

The Consumer Credit Legal Centre

(NSW) - a consumer advice and advocacy

service specialising in personal credit,

debt, banking and insurance law - gave

the Bill high praise.

“A mandatory reporting requirement such

as the one set out in the Bill would ensure

that consumers receive the necessary in-

formation about how their personal credit

reporting information is being protected.

The mandatory notification requirement is

long overdue, and represents a significant

benefit to consumers. We strongly encour-

age the Senate Committee to endorse the

Bill,” the organisation’s submission read.

The Australian Communications Con-

sumer Action Network (ACCAN) wrote

that it “encourages the Senate Committee

to endorse the Bill”.

Liberty Victoria, a human rights and civil

liberties organisation, wrote, “The purpose

of the legislation is commendable” but

complained that “a large part of the Bill

is dedicated to exceptions, the breadth of

which […] Liberty opposes”.

The legislation “exempts enforcement bod-

ies from notifying individuals or publish-

ing serious data breaches if it believes on

reasonable grounds that it would prejudice

one or more enforcement-related activities

conducted by it (or on its behalf). Whilst

it is foreseeable that in some limited

circumstances enforcement bodies would

have need of this, it is also foreseeable that

it could be used to avoid disclosing almost

any breach by those bodies,” Liberty said.

The Cyberspace Law and Policy Centre,

part of the University of New South Wales’

Faculty of Law, wrote that while a manda-

tory data breach notification scheme is

the Privacy Amendment (Privacy Alerts)

Bill 2013 to the House of Representatives.

The Bill made it to the Senate, but lapsed

at the end of parliament last year, before it

was able to receive the Senate’s approval.

On 20 March this year, Labor Senator Lisa

Singh reintroduced the Bill to the Senate

as the Privacy Amendment (Privacy Alerts)

Bill 2014. It may have a different year in its

title, but the core text is identical to that of

the 2013 Bill.

If you want a full rundown of the Bill,

head to www.aph.gov.au, search for “Privacy

Amendment (Privacy Alerts) Bill 2014”

(without inverted commas), and track down

the Bill’s first reading. If you don’t want

to wade through 4000+ words of legalese,

here’s a summary of what the Bill would

mean if passed:

• Agencies or organisations that suffer

a serious data breach would have to

© Ja

mes

The

w/D

olla

r Pho

to C

lub

6


“often helpful”, “The Privacy Alerts Bill

is however a ‘lite’ version of a Mandatory

Data Breach Notification law.

“Future international comparisons may

show that, if passed in the current form,

it will fall well short of best practice, and

there may thus also be many Australians

who might expect (and need!) to be no-

tified under this model who may be still

left in the current unsatisfactory limbo,”

the policy centre wrote.

“The Bill should be passed rather than re-

jected, but if passed should be substantially

amended to address some of its shortcom-

ings.” For one, the policy centre complained

that the scope of organisations required to

report on data breaches was “too narrow”.

Several business groups complained that

compliance with the Bill would create too

great a regulatory burden. The Australian

Finance Conference (AFC) - an organisa-

tion that includes credit providers, finan-

ciers, receivables managers and consumer

credit reporting agencies - was one such

complainant.

“Financial service providers who handle

considerable data, and need to hold it for

long periods of time, will potentially incur

greater costs when compared with other

industries where data-handling may not

be as significant in terms of day to day

operations,” the AFC wrote.

According to the Communications Alli-

ance, “The implementation of a mandatory

data breach system is likely to be costly.

“It is also difficult to attempt to quantify

the cost of communicating a breach to

those affected until the breach has oc-

curred. That is, until an entity has an

understanding of the size and nature of a

breach, how can it determine the cost of

notification?” the Alliance wrote.

“Moving from a voluntary Guide to man-

datory legislation will result additional

costs to business, including legal counsel,

associated with ensuring compliance with

a mandatory scheme. That is, what could

once be managed through good internal

business processes would need be formal-

ised in such a way as to require businesses

to seek expert advice to ensure they comply

with legislative requirements,” it said.

Serious harmThe definition of the harm that would

have to befall a person before a notifica-

tion was required also attracted criticism.

Electronic Frontiers Australia wrote that

the definition should be expanded to

include “psychological harm, onerousness

and inconvenience to the individuals af-

fected, and harm caused by breaches of

inaccurate data”.

The Communications Alliance was un-

happy with the Bill’s use of the term

“serious harm”.

“In industry’s view, there should be a

threshold test that industry can use to

determine whether ‘serious harm’ could

or would be caused. It is noted that both

‘risk’ and ‘real risk’ are defined within the

legislation, as well as ‘harm’ but there has

been no attempt to define the concept

of ‘serious harm’,” the Communications

Alliance wrote.

“Further, in the absence of a definition

of ‘serious harm’, it is possible that the

legislation will cause an organisation to

take a risk-averse position in order to

avoid breaching such an obligation. This

could, potentially, result in over-reporting

of relatively minor data-related errors,” the

Communications Alliance wrote.

Many commentators - from both privacy

and business groups - complained of the

short time span they had to comment

on the Bill.

Liberty Victoria, for example, wrote:

“We note with extreme disappointment

that public comment opened on 18 June

2013 and closed two days later on 20 June

2013. This is a not conducive to open and

transparent Government and it is extremely

unlikely that many members of the public

or any other interested party will have had

time to review the Bill let alone prepare

submissions to this Committee.”

What happens nowBased on the Bill’s second reading

debate in June, it seems Labor and the

Greens will vote to support the Bill.

The Coalition’s comments were a little

harder to interpret, with many Coalition

senators saying the government supports

the principle of the legislation, but not

Labor’s version of it. Liberal senators

David Fawcett and Richard Colbeck

provided perhaps the clearest signals

of the government’s intent.

“We support it in principle but there

needs to be more considered input from

the stakeholders, particularly civil society,

© Ja

mes

The

w/D

olla

r Pho

to C

lub

7

Billion reasons

NATIONAL CONGRESS & EXPO

®

http://www.edutech.net.au

8


before we would support moving forward

with it,” Fawcett said.

“When you have the Australian Privacy

Foundation also expressing concerns, that

is a fair indication of why proper consulta-

tion should be put in place and why we

do not support this piece of legislation,”

Colbeck said.

Let’s assume Labor, the Coalition and the

Greens will vote along party lines. With

33 seats, the Coalition would need the

support of five of the eight remaining

been quite well tuned in to the view from

ordinary people. At other stages, they’ve

been obviously very empathic to the needs

of industry.”

Anne Robins, research director at Gartner,

said some in the crossbench are likely to

vote against the Bill, not because they

believe it too onerous, but rather “they

think it’s not strong enough”.

“What I’ve seen come out from the Coali-

tion would indicate that they’re playing

more of a ‘not due process’ sort of game,

mentators to modify the law - potentially

weakening, strengthening or tightening it

up in some way.

Robins said, “If I was going to bet, I

would say I think they’ll at least do one

pass around of having a go at changing

it. But, to be honest, I think it’s doomed.”

The analyst said that, considering some of

the issues with the Bill, “perhaps this isn’t

the right vehicle to achieve” mandatory

data breach reporting. “Trying to chip

away at [the Bill] … around the edges,

perhaps isn’t going to get us that much

closer. It may be an opportunity to take

a step back and consider how a simpler,

more streamlined process may achieve

the same outcome but actually be a win

for everybody.”

Given the complaints from all sides, is it

too much to change?

“I think what you need is an intelligent

version two of the model that identifies

the underlying features of the various

complaints and tries to see which of those

are competing and opposing, and which

[can be resolved to] make everyone a bit

happier,” Vaile said.

It’s hard to say when the Bill will be

heard again in the Senate, Arnold said,

with many behind-the-scenes factors

influencing when senators consider or

vote on a Bill.

If the Bill - or some form of the Bill - is

passed, it’s likely that businesses would

have some time to prepare for the changes.

“Usually there’s a transition period. A

nice example was the big changes to the

Privacy Act, where basically business had

two years to get ready. With something like

this, it’s unlikely that it would come into

effect straight away,” Arnold said.

crossbenchers to attain the 38 required

to block the Bill.

Conversely, with 35 votes for the Bill, Labor

and the Greens would only need four of

the eight crossbenchers to reach 39 votes

to get the Bill over the line.

Looking at the numbers alone, the vote

could go either way.

Bruce Arnold, Assistant Professor in Law

at the University of Canberra, said, “I

honestly don’t know [how the vote will

go]. The Palmer United Party at the mo-

ment is unpredictable.”

David Vaile, executive director at UNSW’s

Cyberspace Law and Policy Centre, said of

the crossbenchers: “I don’t think you can

tell. The crossbenchers in the Senate have

been very surprising in their approach.

Strangely enough, they have sometimes

rather than coming up with any specific

comment around the content of the Act,

and maybe that’s a mechanism for them

to defeat it here and then perhaps take a

different approach,” Robins said.

And senators might not vote along party

lines. “We may well see some expressions

of concern on the part of the Liberals.

It’s easy to say that there’s some sort of

absolute party discipline,” but that’s not the

case, Arnold said. “There is a real spread

of opinion and knowledge,” Arnold said.

Assuming that the Bill passes the Senate in

some form, what will it ultimately look like?

Arnold said it’s hard to predict, but “I

suspect if it goes through, it will go

through pretty much like what we’ve

got at the moment”. Then, if it is passed

into law, there will be five to ten years of

lobbying from various parties and com-

© iS

tock

phot

o.co

m/K

irsty

Par

gete

r

9

central

1300 669 533 I [email protected]

www.firstpointglobal.com

Like Yin and Yang, Enterprise and Consumer identity and access management are seemingly opposite, yet complementary.

Divided by different stakeholders, business drivers and requirements, yet unified by the forces of digital business.

Winners in the digital economy will have identity and access management that strikes the balance between security and usability, control and engagement.

Secure your enterprise and embrace your customers with IAM solutions from First Point Global.

RISK AND OPPORTUNITY

http://www.firstpointglobal.com

10


workCool data centre in the heart of Melbourne

Communications and data centre provider Vocus

Communications needed to implement a world-class

data centre in Melbourne’s CBD that would meet

the increasing demand from growing enterprises

for a premium facility, well serviced with fibre connections.

With a large number of enterprise and businesses located

within the CBD, there is a huge demand for a data centre located

close to city clients. For this reason the 530 Collins Street location

was chosen. It contained an existing data centre that had been

recently vacated by the Australian Securities Exchange and was

close to Vocus’s existing fibre-optic network, which meant it

could be linked directly to most CBD and inner metro buildings

via Vocus’s dark fibre services.

However, it contained legacy equipment and had design

principles that needed to be completely rethought. For instance,

the raised floor design was far too inefficient and would require

a complete refitting of all equipment from the previous centre,

along with a space redesign.

Schneider Electric’s integrated data centre physical

infrastructure enabled Vocus to benefit from the highest level of

efficiency, power density, redundancy, performance and security.

The InfraStruxure solution provides ‘on-demand’ architecture

for power, cooling and services in a rack-optimised format.

Vocus deployed Schneider Electric’s pod-based hot-aisle

containment system (HACS) with white racks and an in-row

cooling configuration. The system contains heat by sealing off

the hot aisle, so the hot exhaust is captured at its source before

it can mix with the ambient air.

“We are able to put the in-row chillers exactly where the high

demand and the high power output is. That leads to a much

more efficient use of your cooling resources,” said Spenceley.

Matching the cooling to the heat load results in a 30%

energy saving in comparison to traditional raised floor cooling

methods, while still supplying up to 30 kW of power and

cooling per rack. As a result, customers can choose hardware

based on their business needs and not on power restrictions.

Schneider Electric’s intelligent-free-cooling design means that

the data centre can achieve up to 75% free cooling annually. For

the remainder of the year, the facility is fitted with Schneider

Electric’s Uniflair chillers, which deliver optimal high efficiency

even at low loads.

Vocus also chose Schneider Electric to provide the full

electrical supply chain - from switchgear to ATS, UPS, power

distribution all the way through to the critical load in the

racks. The result is a centre with a power usage effectiveness

(PUE) of 1.3.

The solution has been designed in a modular and scalable

fashion, which means that Vocus can easily roll out capacity

as it secures new customers. The Symmetra MegaWatt UPS is

modular and the HACS pods can be deployed quickly, ensuring

Vocus operates in a capital efficient way.

The centre is built to the highest levels of availability

and reliability with a target uptime of 100%. This, combined

with Vocus’s dark fibre services, provides a foundation for

any business looking to outsource its data centre, improve its

disaster recovery strategy and continue to deliver exactly the

same performance to its internal customers as if its data centre

was still within its own office.

The solution was a co-location facility designed and built

by Schneider Electric in partnership with Vocus. At 1280 square

metres, it is one of the largest data centres in Melbourne, with

capacity for 300 racks.

“Schneider Electric’s project management experience and

consultative solutions meant that we could build a premium

facility right in the middle of Melbourne, an environment that’s

often thought of as too challenging,” said James Spenceley, CEO

of Vocus.

http://www.veeam.com

12


2P E E RP E E R

Security and privacy of wearable technology

Nicko van Someren is the CTO of Good Technology where he is in charge of technology strategy and research. Previously he served as chief security architect at Juniper Networks, responsible for leading the technology and design direction for network security products. Before that, he was founder and CTO of security technology company nCipher Plc. He is a fellow of the Royal Academy of Engineering and the British Computer Society.

Wearables w il l inf i l t rate the

enterprise whether an organisation

is in favour of the trend or against it. The current wave of enterprise

mobility was defined by bring

your own device (BYOD).

The wave that began with

smartphones and expanded to include

their larger tablet cousins, was started

by end users. At first this was a trickle

of early adopters and often IT organisa-

tions turned a blind eye to the security

implications.

But now it is wearables - rather than

phones and tablets - that are making

their way into the enterprise. Whether it

is fitness bands, smart watches or Google

Glass, so-called ‘wearable technology’ is

making headlines. In fact, according to

Deloitte Australia’s recent Tech Trends

2014 report, smart glasses, fitness bands

and watches are likely to sell about 10

million units in 2014, generating $3

billion.

Unfortunately, with every wave of new

technology we see new security threats,

and wearables are no different. We are

already seeing how the explosion of

connected devices - under the banner

of the Internet of Things - has opened

up security vulnerabilities.

The deeply personal nature of wearables

may well make them a very attractive

proposition to cybercriminals. Beyond

the data that is already on your phone

or tablet, wearable devices are collecting

a host of extra information. Detailed

GPS logs don’t just reveal where you go

and how fast you jog, they reveal which

ATMs you stop at and which medical

clinics you have visited. Access to your

wearable devices will be valuable com-

modity for identity thieves and maybe

even blackmailers.

When it comes to security, wearable

technology is not all bad news. As

well as risks, they present a number of

new opportunities too. If an organisa-

tion can count on users having small,

smart, personal devices with them at

all times then it can use that as part

of the way that it can identify the user.

Demonstrations have been built using

FitBit wristbands and Pebble watches

as authentication tokens that allow for

easier log-in to protected data on phones

or tablets - and they can automatically

lock the data again if you walk away

from your device.

So what about the enterprise data? If

an organisation keeps enterprise data

in separate, encrypted containers on

individuals’ phones or tablets, then

it is possible to control where it goes

next. That can mean controlling the

flow of alerts to smart devices as well

as controlling the flow of data between

apps. Fine-grain policy controls will let

companies trade off the risks and rewards

of using these new devices.

As with the first wave of BYOD, wearables

will infiltrate the enterprise whether an

organisation is in favour of the trend or

against it. It is approaching sooner than

most companies realise, hence they need

to start embracing the right tools to en-

able the next phase in enterprise mobility.

http://www.afcgroup.com.au

14


Consumer identity management10 key areas for solution designers

We are seeing a revolu-

tion in the way organi-

sations are planning to

use identity and access

management (IAM) technologies. IAM

has been described as a business enabler,

although until recently it has been largely

used for enterprise systems access control,

automated provisioning, and audit and

compliance. In 2014, however, the explo-

sion of mobile, social, cloud and big data

is challenging all of us to come up with

new customer-facing solutions.

I am going to share some findings that are

a result of working with customers and

technology partners over the last three

years. I think of it as a parallel discipline

to enterprise IAM, using many of the same

technologies, for a different purpose: to

engage, nurture and serve customers with

the view to building business. The follow-

ing 10 points are key areas of difference

that we must consider.

1. Scale and scalabilityEnterprise IAM systems are designed

to register, authenticate and control

systems access for employees. In large

organisations this is counted in the

tens of thousands in Australia and New

Zealand, and up to the low hundreds of

T E C H N I C A L LY S P E A K I N G

The explosion of mobile, social,

cloud and big data is challenging

all of us to come up with new

customer-facing solutions.

Jan Zeilinga, CTO, First Point Global

15


thousands globally. One of our vendor

partners has a global customer with 700

million registered consumers. Google and

Facebook have both already gone over

the one-billion-user mark.

2. Directory servicesDirectories employed by enterprise iden-

tity systems have a rigid data structure

and capture and store information about

individuals, such as name, location and

email address. They don’t need to store

information such as product or privacy

preferences, or all of the myriad items of

information that may be useful to know

about consumers. From an architecture

standpoint, best practice is very clearly to

establish a purpose-built repository that

is optimised around consumer data, for

at the heart of consumer identity man-

agement there is a lot of data. Some say

it’s big data, CRM, MDM and identity

management combined.

3. Identity aggregationMany organisations already have a large

volume of information about their

customers that is related to different

business contexts and stored in differ-

ent databases and applications or with

third-party affiliates. Very few of them,

however, can link all that information back

to produce a profile that can be used to

inform interactions with uniquely iden-

tified individuals. The ability to locate,

aggregate and make this information

available in real time is a key function of

a consumer identity system. Correlation

and aggregation of identity-related data

is the best approach, which needs to be

a new functional block within the overall

IAM architecture.

4. Earned identity supportA fundamental characteristic of enterprise

IAM systems is the concept of captive

identity. That is, identities are captive and

subject to governed registration processes.

The organisation doesn’t need to offer

choices because it needs to manage the

actions of its employees, and run a tight

security ship.

Consumers are a different matter. Identities

are earned, not captive. Consumers expect

to register for services in ways they are

familiar and comfortable with. They are

reluctant to share information with an

organisation unless an environment of

trust is established and there’s something

in it for them - the so-called ‘give to get’

scenario. If they don’t like the rules, they

can always vote with their feet. The notion

of earned identity is central to consumer

identity management, which has great

impact on the user experience and user

interface design.

5. Performance and latencyThe scale of consumer identity systems is

not only a storage issue. They also need

to exchange information with connected

services - either online or via mobile

and other devices - with minimal delays

or latency. Site visitors and mobile apps

need to be authenticated quickly, and

preferences instantly retrieved, to inform

interactions and give consumers an experi-

ence that will make them want to come

back for more. Scaling these capabilities

to millions of users with very low latency

requires consideration at the architecture

and technology level. Best practice is to

isolate components from the enterprise

security infrastructure to achieve perfor-

mance, and not to impede the performance

of the core security function.

6. Mobile accessEnterprise IAM systems are being extended

to support mobile platforms for the pur-

© P

avel

Los

evsk

y/D

olla

r Pho

to C

lub

16


poses of mobile workforce enablement,

BYOD, SaaS, online banking and so on,

and there are some great solutions around

for that. Consumer identity systems need

to support whatever platforms and apps

consumers wish to engage with from the

get-go. These would typically be websites,

web services, affiliate services, and mobiles

and tablets running iOS or Android. We’re

now even moving into an era when wear-

able devices must be easy to connect to

whatever access and federation technolo-

gies the organisation uses for consumer

identity. It won’t be long until 10,000 steps

a day could earn you a discount from your

health fund, for example.

own terms, honouring their wishes and

keeping their data secure. Consumers

are invited to control what information

they share, what it is used for and who

it is shared with. This is very different

to a captive identity system where ac-

cess privileges are granted to users by

the organisation.

8. User self-serviceConsumer identity systems need decen-

tralised management capabilities like user

self-service to handle the numbers of us-

ers and volumes of information involved

and to put consumers and citizens in

control, and at ease. Consumer identity

Importantly, they also need to build on any

previous interactions and transactions the

organisation has had with the consumer

or citizen. People do not appreciate hav-

ing to re-register for services. Ideally, a

consumer identity system should be able

to consolidate any existing identity systems

or transaction artefacts an organisation

has and provide a unified experience,

something that security-centric enterprise

IAM systems were never designed to do.

Central to this is support for step-up

authentication so that the user can eas-

ily register and gain access to low-level

resources, for example, and only be

prompted for higher-level credentials when

they need to access private information or

higher value transactions.

10. Consumer engagementAnd last but certainly not least, consumer

identity systems must support continual

extensions and improvements. To compete

in the digital world, organisations must

continue to engage with consumers at

an identity level. A consumer identity

system supports give-to-get offers based

on changing conditions like location or

an account balance trigger, for example.

In this case, a changing identity attribute

could initiate a context-aware business

offer, enabled by attribute-based access

control. There are literally unlimited

applications to this use case. Continued,

relevant customer engagement is the key to

winning, which is why consumer identity

data is being described as the new gold.

Ultimately, only organisations with deep,

granular and continuously evolving con-

sumer identity capabilities will be able to

compete and win in the digital economy.

Having advanced enterprise IAM in place

is a distinct advantage. The key is to un-

derstand the difference between consumer

and enterprise, and make your decisions

with those different use cases in mind.

Business and marketing are coming up

with hundreds of use cases for mobile

and the Internet of Things. The scale

of consumer identity systems is not just

about the number of people registered

and the volume of information, which

must be instantly accessed, it is also

about the frequency of interactions. If

consumers are running apps on their

devices that are all set up to interact

with your organisation, it could add up

to multiple interactions per consumer

per second across the entire user base.

This is another architecture considera-

tion where the functionality needs to be

connected, yet isolated from the core

security infrastructure.

7. Permission, preferences and privacyThe three Ps - permission, preferences

and privacy - are functional requirements

of a consumer identity management

system based on earned identity. They

allow consumers to be dealt with on their

self-service allows people to manage their

privacy and preferences. Enterprise IAM

systems, on the other hand, are designed

around captive identities and can be

centrally controlled. While enterprise

identity systems support elements of

self-service, their primary objectives are

improving workplace efficiency, security

and compliance. As a result, they are

unlikely to be sufficiently flexible and

granular to meet consumers’ or citizens’

expectations.

9. Registration and authenticationThe first task of any consumer identity

solution is to register and authenticate

users as easily and conveniently as possible.

It needs to be able to support social sign-

on, leveraging identities that consumers

have built up with services like Facebook,

Google, LinkedIn and myGov. Consumer

identity systems need to support stand-

ards like OpenID and OAuth to facilitate

social sign-on.

“Ideal ly, a consumer ident i ty sys tem should be able to

consolidate any existing identity systems or transaction artefacts

an organisat ion has and provide a unif ied experience.”

http://www.apc.com/promo

http://www.te.com/enterprise-nz

20

F R O M T H EF R O N T L I N E

Data centre decisions: past, present and future

The cloud and virtualisation are changing the data centre playing field, but

the technology is not necessarily the most important aspect to consider.

Reliability, support, user experience and legal issues remain critical.

Jonathan Nally


2121

O U R P A N E L

Makis Marmaridis,

Managing Director,

IMTG

Matt Maw, CTO,

Tatts Group

The move to the cloud, vir-

tualisation, power provision,

efficiency, latency, monitoring

and infrastructure management

are just some of the challenges that face

data centre providers and users in 2014.

According to a report issued earlier this

year by Emerson, in 2007 the top three

concerns were heat density, power density

and energy efficiency. In 2013, it had

become monitoring and infrastructure

management, energy efficiency and heat

density - a reflection of the move to

virtualisation and the cloud.

“Australia and New Zealand have been very

quick to move to a virtualised environment,

far in advance of the US,” says Michele

Caminos, a Gartner managing vice presi-

dent based in Wellington, New Zealand.

“And now they’re looking at what do we

do with this virtualised environment - do

we move to the cloud now, what do we

do with our data centres?

“A lot of businesses are giving it back, or

consolidating,” says Caminos. “And it will

progress down that path as we continue

to go to the cloud, as they obviously

don’t need infrastructure housed within

their own walls.”

To get a better idea of what data centre

users see as the challenges in the current

environment, we asked a number of them

for their views.

Reliability and supportAustralian IT consultancy IMTG focuses

on providing e-learning platforms, CRM

as a platform, optimisation and web

applications through cloud. It has gone

through the transition of handing off its

data centre to an external provider.

“When we started the business, we started

building our own infrastructure,” says

Makis Marmaridis, IMTG’s managing

director. “Nearly 15 years ago when we

started there was hardly anything to speak

of in the way of what you can do today.

You could hire the rack space and put your

own servers in or run your own network,

and try to do everything yourself. And

we did that for a long, long time. And

that’s because we had to - we had no

other choice. We had to provide reliable

service and we had to have control over

the environment. So we had to maintain

all that overhead just for us to be able to

deliver those applications at the level at

which we needed them to be delivered.

“I knew we had to get out of running our

own infrastructure very early on. And every

time I had to sign off on a new server in

the data centre, I would remind myself that

this was not the way to do it long term,”

adds Marmaridis. “When we decided we

were going to move off our own equip-

ment, we thought it would take us about

two-and-a-half years to do the switch. It

took us just over 12 months in the end.”

Marmaridis says there were a number of

factors that had to be in place before he

felt comfortable making the switch, but

prime among them were support and

reliability. “We have to be certain the

equipment is absolutely bulletproof. That’s

what we were waiting for. The technology

was there to some degree, but there was

not enough support - the support was not

close enough to what we needed.”

That’s changed now, he says. Putting a

ticket through and having to wait 12

hours for a response is a thing of the past.

User experience is the key“We have around 150,000 customers glob-

ally, we send roughly 1.2 billion messages

per month and we see between 25 and

30% growth in our message volume every

year,” says Cameron Newman, head of

operations at Sydney-based global email

marketing firm Campaign Monitor.

“When [the founders] started this business,

they were always focused on the North

American market, so from day one all

of our infrastructure has been in North

America to provide the best experience

to our end customers,” adds Newman.

“So we’ve gone through a whole range

of providers in North America.”

What’s top of the list when considering

data centre services? “At the top of our list

is user experience, [which is] performance ©

alp

hasp

irit/

Dol

lar P

hoto

Clu

b


Cameron Newman,

Head of Operations,

Campaign Monitor

David Duncan, CEO,

Global Storage

22


related. Secondary to that would prob-

ably be support. The user experience

is paramount to everything we do at

Campaign Monitor; making sure that

when you’re in the application the pages

load very quickly and are snappy.”

“It’s a pretty important part of your

reputation, that you’re always available,”

says Newman. “We’ve seen some pretty

ugly things happen when providers can’t

follow through with their service. It’s

obvious that having downtime is not

something [the founders of Campaign

Monitor] are willing to have to go back

to customers to explain.”

And what about specifying where your

data centres are located? “Yes, we do

specify that. We even get down to the

detail of specifications of network con-

nectivity to their infrastructure so that

we can optimise the performance all

the way down to our edge server that’s

rendering a web page.”

A shift in thinkingSydney-based company Global Storage

is both a consumer and a provider of

data centre services. “What we’re see-

ing at the moment is a real shift in

thinking on data centre strategy,” says

David Duncan, CEO. “And that’s come

about because cloud is changing the

focus of technology leaders and CIOs

from technology relationships to service

relationships.

“So rather than deploying in their own

private data centre, we’re seeing a big

trend for our customers particularly

deploying in our virtual private cloud,”

adds Duncan. “So that deployment

mechanism means that their data us-

age is actually decreasing; if anything

they’re cutting back on the data centre

space that they’ve been using within the

traditional providers.

“The big change that we’re seeing is that

public cloud when it first came in was

more tailored to web services, maybe a

bit of CRM and a few other different

things. But the real take-up in Australia

isn’t around these traditional public

cloud offerings - it’s around virtual

private cloud offerings.”

And where is that shift in thinking lead-

ing? “The shift is different from what

we’ve seen before in terms of where the

market’s at. Right now, because the way

we consume technology is changing, and

it’s changing quickly - we’re going to

technology being consumed as a service,”

says Duncan.

Commercial and legal challengesThe Tatts Group provides services in

the gaming and entertainment industry.

And it is a huge operation, with 10,000

physical sites, a large telephone betting

operation, an online channel and around

250,000 poker machines.

“We believe it’s the largest network in

the country; we can’t find anybody who’s

bigger. It’s basically Coles plus Australia

Post plus 20%” says Matt Maw, the

company’s CTO.

“Tatts Group was formed through an

amalgamation of a number of entities,

and each time we’ve acquired those com-

panies, we’ve effectively acquired - loosely

- two data centres. So at worst we had

three data centres in Queensland, two in

Sydney, two in Victoria, one in Adelaide,

one in Hobart, one in Malta and one in

Milton Keynes in the UK,” says Maw.

“We’ve steadily, over the last 4 or 5 years,

consolidated and shut down data centre

after data centre across the country and

have now successfully consolidated our-

selves into two data centres in Brisbane,

which we both own and control.”

“We’re facing a situation where an exist-

ing building is going to be sold, so I’m

now faced with the quandary of needing

to shift a data centre, and we’re having

some really interesting conversations at

the moment as to whether or not the

ownership of our own data centre is a

strategic asset to us or is a cost of busi-

ness,” adds Maw. “If it’s a cost of doing

business, then there’s absolutely no point

in continuing to operate it ourselves. So

it’s really a strategic question for us as

an organisation.”

One of Tatts’s biggest challenges came

during Super Tuesday a couple of years

ago, when an Oz Lotto $100m super draw

coincided with the Melbourne Cup. “We

maxed out at about 5500 transactions per

second through the system,” says Maw.

How do you handle such a load? Is it a

simple matter of bursting into the cloud

when you need more capacity?

“We’re a little bit different in that we

basically are a technology company,”

says Maw. “We have no redundancy, in

that if our systems go down, there are

no manual processes or procedures to

back them up, unlike an airline that

can manually board a plane. For us, the

horse race jumps, the lotto finishes, the

time ticks over regardless of whether

our system is up or not.

“The challenge for that is not at the

technical level, it’s at a commercial and

legal level that says, ‘What happens if

there’s an outage or an issue?’ When

you’re running 5500 transactions per

second, 30 seconds matters,” says Maw.

“Finding a legal contract that you can

sign with any provider that says they

can even identify they’ve got a problem

within 30 seconds let alone begin to

rectify the situation or pay out on that

SLA [is difficult].

http://www.gartner.com/au/symposium

24


work

Archiving system keeps council in the Act

Environment Canterbury is the regional council responsible

for facilitating the sustainable development within New

Zealand’s Canterbury district, home to the nation’s

highest mountain, major lakes and rivers, and fruitful

farmland. It’s also home to more than 565,000 people, making

it the country’s second-most populated region.

To comply with the Public Records Act 2005, the council -

which has more than 500 staff - has to be able to quickly and

easily retrieve any communication (including email) that deals with

decisions affecting the region’s natural and physical resources. To

help it comply with the Act, Environment Canterbury implemented

the GFI MailArchiver and GFI FaxMaker network solutions.

The stringent regulations of the Act require:

• full and accurate records of the affairs of central and local

government to be created and maintained;

• provision for the preservation of, and public access to,

records of long-term value;

In 2013, the council migrated from old physical servers to a

virtual environment including Windows Server 2012, Microsoft

SQL Server 2012 and GFI MailArchiver 2012. The IS staff had

to act when the old physical servers could not handle any more

disk drives. Compounding the issue was the cost to install bigger

drives: it would have been just too expensive.

“The migration took several weeks as we were moving and

restoring two terabytes of database files, mounting them and

indexing them,” he added. “Once we got all the historic archive

stores across, we stopped both environments, moved across the

live store and configured the Exchange journal. It was a success!”

Since that time, emails have been archived in the new

environment, and the old physical server has been decommissioned.

Additionally, all components of the solution have been upgraded

through several major releases of the operating system, SQL Server

and GFI MailArchiver.

“There were no problems with compatibility of any component,”

Warne said.

A solution that complements GFI MailArchiver nicely is GFI

FaxMaker, which Environment Canterbury uses at times. GFI

FaxMaker is a network fax server solution with email-to-fax and

fax-to-email functionality. Warne said his team is considering

migrating to the cloud-based model, GFI FaxMaker Online. Given

the size of the organisation, it would eliminate the need to handle

software upgrades.

Warne said the GFI MailArchiver software is essential for quickly

and easily accessing the email archive during legal proceedings and

ensuring all emails stay tamper-free to meet the Local Government

Official Information and Meetings Act 1987.

In addition to enhanced management capability and easier

ability to achieve compliance, Warne said compatibility with other

systems and hardware is equally essential.

“The regular releases, which support modern Microsoft

operating systems, Exchange and databases, make implementing

the software very easy,” Warne said.

The bulk of the benefits that GFI MailArchiver provides, Warne

added, are “behind the scenes”. He pointed to better business

continuity in Environment Canterbury’s virtual environment;

simplified internal support of running with modern components;

and the freedom to upgrade infrastructure (OS, SQL and Exchange).

• provision of an appropriate framework within which public

offices and local authorities create and maintain public

records and local authority records; and

• the safekeeping of private records.

For those reasons, Environment Canterbury Team Leader

ITC Operations Alan Warne said there has been, and continues

to be, one objective for his staff: to comply with the Act. “We

need an email archival system which is independent of the mail

server and captures all emails,” said Warne.

30 Sept-2 Oct 214Melbourne Convention and Exhibition

Centre, Melbourne, Australia

Utilities | Government | Enterprise | Transportation | Resources | Public Safety

Register online at www.comms-connect.com.au

In conjunction with the ARCIA Industry Gala Dinner — 1 October 2014 — MCEC. Visit www.arcia.org.au to book your tickets.

Shane Fitzsimmons — AFSM, Commissioner NSW Rural Fire Service (RFS)The value of communication networks in a public safety environment

Deputy Chief Eddie Reyes — Alexandria, VA Police DepartmentNext Generation 9-1-1 (0-0-0): Are public safety agencies ready?

Keynotes

• Next Generation Triple Zero (NG000): challenges and opportunities

• In a converged communications environment, just how secure is your radio system?

• Advanced radio over IP

• Ensure network migration success with change management

• Practical guide to working with fibre optics

• TETRA: Advanced systems planning, integration and deployment

2014 Training workshops include:

Now in its 8th year, Comms Connect has become the leading conference and exhibition for combined communications users and industry.

With keynotes, workshops and panel sessions, this year will see the launch of a new, dedicated stream focussing on all that is important in the public safety communications sphere.

COMMS CONNECT RETURNS TO MELBOURNE

Visit www.comms-connect.com.au for more information on speakers, topics and half-day training workshops.

Prize Draw Sponsor

Lanyard Sponsor

Digital Partner

Supporting associations & media organisations

Magazine Partner

Platinum Sponsors

Gold Sponsors

Silver Sponsors

In association with

26


With energy usage and costs

continuing to rise, expect to see

businesses moving towards a more

holistic and end-to-end approach

to data centre strategy.

For the data centre industry, virtu-

alisation lowers facility costs, sim-

plifies administration, decreases

asset management requirements

and, largely, improves energy efficiency. At

a time of rising energy costs and continual

pressure for managers to increase data centre

sophistication, virtualisation can improve

the overall data centre performance and

reliability.

In our experience, many IT and data centre

managers only consider two layers to their

data centre virtualisation strategy - IT in-

frastructure (servers, network and storage)

and software. Often neglected is the third

layer - the impact virtualisation can have on

data centre physical infrastructure or DCPI.

Addressing DCPI, including cooling, moni-

toring and power, is vital in optimising

virtualisation performance and in facing

many of the challenges virtualisation can

bring. Overlooking the holistic impact of

virtualisation can result in compromised

availability and often an economic loss.

Challenges to the virtualised data centreHeat removal is an immediate challenge.

Virtualisation drives larger capacity for data

storage and helps data centres achieve higher

utilisation rates. As a result, hosts draw more

power and create more heat.

Managers also need to consider that when

there is a reduction in IT load, with no

T E C H N I C A L LY S P E A K I N G

A holistic approachto data centre virtualisation and DCIMAndrew Sylvester, Data Centre Software Manager, Schneider Electric, IT Business

27


For organisations looking to take advantage

of DCIM, it’s important to start by deter-

mining which areas need to be focused on

- availability management, capacity manage-

ment, solutions optimisation and so on.

Organisations should then look at model-

ling the outcomes of implementing DCIM

before deploying it across the system, as

this will ensure they have full insight into

the benefits and potential ROI. Modelling

is particularly relevant for managers who

have limited visibility of their IT and data

centre equipment and its performance, as

DCIM can help reduce these concerns by

providing a greater overview.

When considering DCIM solutions, organi-

sations should also take a combined view of

data centre, facilities and IT ecosystems - this

approach is called a ‘data centre management

system’. This view considers organisational

relationships and the impact of how people

work and the processes they use.

When properly deployed, DCIM provides

invaluable insights into key cost areas within

the data centre, providing information to

managers on operational performance and

day-to-day activities. The end result is that

DCIM enables executives to make better

decisions and manage IT operations more

effectively. This results in improved man-

agement of resources in key areas such as

power, cooling, space capacity management,

energy cost management and business value.

Bottom lineIn 2013, we saw many businesses taking on

server virtualisation and data centre man-

agement. In 2014, with energy usage and

costs continuing to rise, we expect to see

businesses moving towards a more holistic

and end-to-end approach to data centre

strategy. Having a comprehensive energy

management program such as DCIM will

work to reduce increased energy cost and

drive improved ROI.

change in the DCPI, data centre power

utilisation effectiveness (PUE) will worsen,

despite energy use decreasing. This is because

although virtualisation increases the IT ef-

ficiency, it decreases the electrical efficiency

of the overall system and causes excessive

ongoing electrical consumption.

Most users often forget that there are fixed

losses in the power and cooling systems that

exist whether the IT load is present or not,

and that these losses are proportional to the

overall power rating of the system. These

fixed losses are the dominant form of DCPI

electrical consumption in most installations.

Virtualisation can also cause IT loads to

vary in location and time. One of the ad-

vantages of virtualisation is the ability to

move load when needed; however, shifting

virtual loads combined with high density can

increase the risk of downtime and unused

or stranded capacity.

Seeing the complete pictureData centre infrastructure management

(DCIM) software provides a complete pic-

ture of the health of a data centre and is

designed to identify and resolve virtualisation

issues. It increases understanding of capacity

and utilisation in the environment through

monitoring and controlling DCPI in real

time, based on changing loads.

DCIM can also help identify unused or

stranded capacity by coordinating assets

more efficiently and conducting predictive

analysis of what will happen to the physi-

cal infrastructure before loads are moved.

Modular, scalable power and cooling solu-

tions can also enable right-sizing to match

the data centre’s consolidated or growing IT

loads. Close-coupled cooling also adjusts to

migrating IT loads in real time.

Cutting through DCIM noiseWhile there are a lot of organisations of-

fering DCIM, many are not able to provide

the benefits that a full suite of solutions can

provide. DCIM is not about point-solution

products such as cable management and

IT monitoring software that monitors only

singular aspects of data centre operations -

proper DCIM solutions cover the full suite

of monitoring, automation, management

and analytical capabilities.

The confusion on DCIM solutions can

be compared to the analogy between the

dashboard of a 1967 VW Beetle and a

Toyota Prius. A 1967 VW Beetle only has

information like speed and fuel, while the

Toyota Prius can provide information such

as how many kilometres can be done on

the current tank and when an oil change is

needed. Point-solutions run on device-level

monitoring similar to the VW beetle. By

contrast a full suite of DCIM solutions marks

a fundamental change towards contextually

aware monitoring - similar to what’s found

in a Toyota Prius.

© fo

tosc

ool/D

olla

r Pho

to C

lub

28


B E S T O F T H E W E Bwww.technologydecisions.com.au

HP will chop up to 16,000 more jobs

Hewlett-Packard (HP) will cut between 11,000 and 16,000 more

jobs as part of changes to its ongoing restructure.

In 2012, HP adopted a restructuring plan that it hoped would

lower costs. The company previously estimated that the plan

would see 34,000 jobs cut.

But on last week’s conference call about the company’s fiscal

2014 second quarter, HP CEO Meg Whitman revealed the

company plans to increase that number by between 11,000 and

16,000 - meaning between 45,000 and 50,000 jobs would go

in total as part of the restructure.

Whitman said that “HP’s turnaround remains on track” but

that “we have more work to do to improve the consistency

of our execution and lower our cost structure to drive overall

profitability”.

“No company likes to reduce their workforce, but the reality is

that HP must be maniacally focused on continuous improvement

in our cost structure,” Whitman said.

cost structure, streamline our operations, without impairing our

effectiveness - in fact, making us a more nimble and decisive

company.”

“I think it’s the natural course of what makes sense in a turnaround

of this size and scale.”

Toni Sacconaghi, from Sanford C Bernstein & Company,

questioned the repeated revisions of the number of jobs being

cut in the restructure.

“My understanding originally was 27,000 was what was needed

to right-size the company. Then it went to 29,000, then it went to

34,000. Now it's going to 50,000,” Sacconaghi said.

“Is that a message that you are not as confident that you can grow EPS

[earnings per share] in 2015 without these workforce rebalancings?

Is the reason for this incremental workforce rebalancing because

you have lost confidence, or you don’t have as much confidence in

the company’s ability to grow top line in 2015?”

Whitman answered: “This actually has nothing to do with our

confidence in the business. This has to

do with really now understanding the

opportunities that we have to make this

company better.”

Amit Daryanani, analyst at RBC Capital

Markets, asked, “How does this play out

for the morale of the company, given the

headcount cuts seem to almost accelerate

a little bit every six months?”

Whitman replied: “No company likes to

decrease the workforce. We recognise that

is difficult for employees. What I will tell you

is I think our employees live it every single

day. The environment that we are in, our employees know that

there’s ways we can be more efficient. They are in some ways the

biggest source of ideas on what we can do differently.

“I think everyone understands the turnaround we’re in. Everyone

understands the market realities. Everyone understands the need

to create financial capacity to invest in innovation, which will be

our point of difference, and making sure that we have the right

sales force coverage in every geography.

“I don’t think anyone likes this; but I think actually we’ve done a

good job of explaining where we are in the turnaround, what the

strategy is and what’s going to be required to get HP to where

we all want it to be in the industry,” she said.

When asked if the expected job cuts would increase yet again,

Whitman said, “I don't anticipate an additional program.”

The company’s CFO, Cathie Lesjak, outlined the timing of the

cuts.

“We expect a total of approximately 41,000 people to leave by

the end of fiscal 2014, with the remainder in 2015,” Lesjak said.

“We expect this to create additional run-rate savings in FY16

of approximately [US]$1 billion per year, on top of what we

previously laid out, although we expect some of this will be

reinvested back into the business,” the CFO said.

Much of the questioning from analysts to HP management during

the call pertained to the cuts.

Keith Bachman, an analyst at BMO Capital Markets, asked if

the additional job cuts indicated disappointment in some areas.

Whitman replied: “I am actually not disappointed at all with

how we’re doing. We just see more opportunities to lower our

© iS

tock

phot

o.co

m/F

eng

Yu

29



SIEMON’s

LC BladePatchREVOLUTIONIZING HIGH DENSITY FIBER PATCHING

®

W W W . S I E M O N . C O M / A U /

Innovative, Easy Access, Push-Pull Latch Activation

The push-pull design enableseasy access and removal viathe boot in tight-fitting areas

Fits within any standard LCadapter opening or LC SFPmodule

Low profile boot designoptimizes side-stackability

Multimode: 50/125 OM3 and OM4Singlemode (UPC): OS2

Exclusive rotating latchdesign supports simplefield polarity changeswithout the risk of fiberdamage

Specifically designed to simplify fiber jumper access in tight-fitting, high-density patchingenvironments, Siemon’s revolutionary LC BladePatch fiber jumpers feature an exclusiveboot/latch mechanism that allows the cord to be securely inserted and easily removed viathe push-pull boot – eliminating the need for direct access to the latch in space challengedapplications. In addition to the innovative push-pull design, the duplex LC BladePatchlatches can be rotated 180 degrees to quickly and easily make polarity corrections.

These new innovative jumpers utilize a smaller diameter uni-tube cable that reduces cablepathway congestion for improved airflow and energy efficiency as well as simplifying overallcable management. Combined with its low-loss Multimode and Singlemode performance,the LC BladePatch is the ideal LC fiber patching solution for today’s high-speed, high-densitynetwork connectivity needs.

Learn more and engage with Siemon experts at www.siemon.com/lcbp

AD_TecDes_LCBP_AUS_Layout 1 7/22/13 8:46 AM Page 1

Perth’s Amcom wins major Cisco HCS deal

Perth-based ICT provider Amcom has won a major contract to deploy Cisco’s Hosted

Collaboration Solution (HCS) throughout the University of Melbourne.

The 13,000-user telephony and unified communication (UC) services contract is the biggest

Cisco HCS rollout announced in Australia to date. It is also Amcom’s largest single UC contract

ever.

Amcom uses Cisco HCS to power its Amcom Cloud Collaboration solution (ACC), a pay-per-

use consumption-based unified communications service.

The company will deploy Amcom ACC across eight University of Melbourne campuses in

metropolitan and rural Victoria, providing services including voice and video telephony,

voicemail, instant messaging, telepresence and mobility services.

The service will allow users to securely route calls to other universities and institutions worldwide

using AARNet’s unified communications exchange. Amcom announced a partnership with

AARNet (Australia’s Academic and Research Network) in May.

“Large-scale contracts such as this validates the up-front investment Amcom has made in our ACC

offering, leveraging off of our partnership with AARNet,” Amcom CEO Clive Stein commented.

He said he expects that over time, Amcom’s partnership with AARNet will yield more educational

sector contracts.© fr

eeim

ages

.com

/pro

file/

FOTO

CRO

MO

http://www.siemon.com/au/


30

workLeaping the bandwidth and backup hurdles

BitCloud, a Sydney-based provider of cloud services, has

partnered with Veeam Software and deployed Veeam

Backup & Replication to protect more than 1000

of its Windows and Linux virtual machines (VMs).

Before BitCloud could build a flexible cloud offering that

would accommodate each client’s particular needs, it had to

find scalable, efficient and cost-effective technologies for its

hosting environment. Data protection was a top priority, due to

bandwidth constraints, service requirements and the resources

typically consumed by backup.

“We run a 100% virtualised infrastructure; therefore, we

needed a solution that worked well with VMware. We also

needed a solution that would scale easily as the number of VMs

increased,” said Bennett Oprysa, CEO for BitCloud.

“We also wanted to partner with a company that was actively

developing its solutions; we didn’t want to have to switch vendors

down the road.”

BitCloud partnered with Veeam Software and deployed Veeam

Backup & Replication to protect its Windows and Linux VMs,

which now total more than 1000. The company incorporates

Veeam into a number of different service offerings, including

infrastructure-as-a-service (IaaS), backup and disaster recovery-

as-a-service (BaaS and DRaaS), and Managed Microsoft Exchange

and SharePoint.

“We chose Veeam because the company and its solution

matched our needs perfectly,” Oprysa said. “Veeam Backup &

Replication works well with VMware and is continually developed

and enhanced. It provides both backup and replication, which

has proven to be very useful for us, and the licensing aligns

perfectly with our business model. All of the client services we

offer are based on Veeam functionality.”

For example, Veeam’s replication functionality is used in a

number of ways. In case of disaster, BitCloud replicates VMs to

a second data centre in Melbourne. BitCloud also uses Veeam

replication to satisfy regulatory requirements for high availability,

which some of its clients are subject to. In a role reversal of

sorts, BitCloud even offers replication of hosted workloads to

client sites.

“This is a good way to use a client’s existing infrastructure

and alleviate fears about losing control,” Oprysa said.

BitCloud has found that Veeam can back up its biggest VMs,

which are in its shared hosting environment.

“Before Veeam, we backed up these VMs with SAN-level

snapshots, but the snapshots were expensive and problematic

to restore from,” Oprysa said. “Using Veeam, we can back up

even our largest VMs quickly and efficiently.”

It’s not uncommon for a BitCloud client to have a 10 Mbps

network connection. But with Veeam’s built-in deduplication,

WAN optimisation, dual-proxy architecture, seeding and ‘forever

incremental’ approach, BitCloud is able to back up and replicate

VMs across slow or unreliable links.

In addition to a feature-rich data protection solution, Oprysa

said he and his colleagues gained a valuable partnership when

they chose Veeam.

31


Mobile biometrics - assessing the technologies

A N A LY S E T H I S

Finding mobile authentication

solutions that balance security,

cost and user needs is a growing

challenge for today’s businesses.

Long, complex passwords are difficult to

remember and almost impossible to use on

mobile devices. Smartcards and one-time

password (OTP) tokens are expensive to

purchase and frequently lost or forgotten.

But there is a simple solution … biometrics.

Biometrics uses human characteristics to

authenticate and protect systems. However,

cost, usability and performance have in-

hibited widespread use. Now, high-quality,

low-cost sensors have entered the market,

putting biometrics in the hands of consum-

ers for the first time. But availability doesn’t

necessarily translate to viability.

Biometric sensorsThere are three types of biometric sen-

sors available for mobile devices: add-on

sensors, embedded biometric sensors and

embedded native sensors.

Add-on sensors are hardware peripherals

that incorporate biometrics to create au-

thentication solutions for mobile devices.

There are generally two kinds of add-on

sensor: the sleeve, which fits around the

device; and plug-ins, which attach using a

cable. While these are usually high quality

and suited to most enterprises, there are a

number of downsides.

For starters, the sleeve varieties are often

specific to a particular device and may not

be usable for every device in the enterprise.

They will also need to be replaced or

upgraded as users change phone models.

And while the plug-in sensors are more

independent of the device itself, they are

less acceptable to users, and can have a

greater adverse impact on user experience.

Perhaps the greatest downside to add-on

sensors is that, like OTP tokens, they are

often forgotten, lost or broken, and are

expensive to replace.

Increasingly, mobile manufacturers are add-

ing special-purpose, embedded biometric

sensors to their devices. The most high-

profile of these is the Touch ID fingerprint

sensor in the Apple iPhone 5s and the built-

in fingerprint sensor in the Samsung Galaxy

S5. Other vendors are climbing on board,

installing fingerprint sensors and very high

definition cameras that can capture iris

images, putting biometric capabilities into

the hands of ordinary customers.

While all this increases the likelihood of

users accepting them in the enterprise, there

are a couple of drawbacks. Embedded sen-

sors are specific to particular manufacturers

and models of devices, placing constraints

on enterprises with BYOD policies in place.

Their value is also affected by the relatively

short lifetime of consumer devices. There

is also the very real concern of the effec-

tiveness and efficacy of the sensors being

compromised. For example, the size of

a fingerprint sensor may be reduced to

fit the available real estate on a mobile

device. This means less of the fingerprint

is available during each capture, which

can affect the accuracy and usability of

the authentication solution.

Current devices have a range of capabilities

that can be exploited to collect biometric

data. Embedded native sensors such as

microphones, cameras, touchscreens, gy-

roscopes and accelerometers can capture

a variety of data, which can be used for

biometric authentication. The biggest

advantage of embedded native sensors is

that they are available on almost all cur-

rent mobile devices. Such broad availability

increases the suitability for enterprise ap-

plications.

However, embedded native sensors are not

without potential problems. Smartphone

cameras have small sensors, fixed focal

lengths and apertures, and wide fields of

view - perfect for an arm’s length selfie

but not necessarily for capturing a high-

definition iris scan. Similarly, microphones

differ from those used in landlines, and

often include noise-cancelling technologies

that could modify voice characteristics

used in voice biometrics. Also, due to the

limited availability of APIs, there may also

be constraints on how biometric solutions

integrate with native sensors to control and

configure hardware.

Biometric modesThere are three main categories of biometric

modes implemented in mobile solutions:

traditional biological, new biological and

behavioural.

Law enforcement, border security and civil

identity agencies have been using traditional

biological modes for years. These appli-

cations primarily use fingerprint, DNA,

facial recognition and iris biometrics, and

32


Anne Robins is a Research Director on the Gartner for Technical Professionals (GTP) team, as well as a member of the Identity and Privacy Strategies team. With more than 20 years’ experience, Anne is a respected expert in the fields of security compliance, security architecture and biometrics.

are based on significant, long-standing

scientific research and large-scale testing.

There has also been significant deployment

of voice biometrics that leverage existing

call centre and interactive voice response

(IVR) implementations within the finance,

insurance, healthcare and social service

industries. Some of these tried-and-tested

modes translate well into the mobile device

arena, particularly voice biometrics, though

developers have had to adapt algorithms

to handle the different acoustics of the

mobile channel. The increasing resolution

of cameras on mobile devices makes them

ideal as face biometric sensors.

Developers are also coming up with a

number of novel, new biological modes

that take advantage of mobile features

while also creating good user experiences.

Most of these incorporate existing cameras.

However, new modes lack the depth of

scientific investigation and real-world test-

ing of more traditional modes, making it

difficult for potential customers to judge

the suitability of these modes for enterprise

applications. Furthermore, variability in

the quality and characteristics of mobile

device cameras means not all devices will

capture biometric characteristics with the

same level of precision.

New modes with some relationship to or

basis in traditional modes are a safer option.

For example, eye-vein-pattern biometric

solutions use the camera to capture images

of the eye and identify patterns in the vis-

ible veins. Vein patterns are a well-known

biometric mode, with hand and palm vein

patterns implemented for applications

including physical access control systems

(PACS) and ATM authentication.

Other new biological modes include perio-

cular (using the shape of the eye sockets),

whole face geometry and palm patterns.

In short, if new biological modes relate

to well-known, traditional methods, there

is a much higher likelihood it will be ac-

cepted by users.

Behavioural biometric modes are based

on measuring behavioural characteristics

to uniquely identify an individual. In the

context of mobile biometrics, gyroscopes

and accelerometers can measure a number

of behaviours and unique patterns of usage.

Behavioural biometric modes are often

combined with traditional authentication

modes, such as a known secret. For example,

measuring the way a person interacts with

the touchscreen when entering a password

can add assurance that the correct person

is being granted access and not just a dif-

ferent person who knows the password.

However, there hasn’t been significant

scientific study into the distinctiveness and

stability of behavioural biometrics. This can

make it difficult for potential customers to

judge the security, accuracy and suitability

for enterprise applications.

With positives and negatives surround-

ing each of the sensors and modes, it is

up to the individual enterprise to decide

which solution best works for them, or

if they are even ready to consider mobile

biometrics at all.

© iS

tock

phot

o.co

m/J

LGut

ierr

ez

33



Melbourne firm signs $11K settlement with BSASoftware industry body BSA has settled a copyright violation lawsuit

against a Melbourne recruiting firm that had allegedly been using

Microsoft software without a proper licence.

Under the settlement agreement, the recruitment firm has agreed

to pay $11,190 in damages and to purchase a legitimate licence

to Microsoft Office 2007 Enterprise edition.

In a statement, the body’s Australia committee chair Clayton Noble

said the agreement “highlights the financial risks businesses take if

they use unlicensed, non-genuine software”.

The use of pirated software also exposes companies to greater risk

of security threats from malware, he added.

“The recent BSA Global Software Study revealed ‘security threats’,

including access by hackers and loss of data, are the chief reasons

computer users around the world cite for avoiding using unlicensed,

non-genuine software,” he said.

The US-headquartered BSA has operations in around 60 countries

worldwide.

Cisco and Flinders University ink dealFlinders University and Cisco have signed an agreement that lays the

foundations for Flinders to lead Australia in some of the most innovative

parts of the internet.

The agreement, which is the first of its kind between an Australian

university and a digital networking company, enhances Flinders’ position

as an emerging leader in the provision of digital health services and

cybersecurity expertise.

It also puts Flinders at the heart of Cisco’s global ‘Internet-of-Everything’

vision to make networked connections more relevant and valuable

than ever before.

New initiatives at Flinders will include the establishment of an academy

at the university’s new Tonsley Park building, in which Cisco staff will train

students to work with the newest technologies and latest developments

in the digital space.

The agreement, in which Flinders has invested $14m, has already led to

the development of a Wi-Fi network at Flinders’ Bedford Park campus,

which Cisco says is one of the fastest in the world.

http://www.electronex.com.au

34


Manage IT resourcesbetter by outsourcing

O F F T H E CUFF

When we look at how

much technology has

streamlined processes

and reduced paper-

work, how it has created a mobile

workforce and it is connecting busi-

nesses throughout the world, we can see

how much improvements in hardware

and software have helped businesses

to become more productive. We could,

in fact, be forgiven for thinking that it

has made everyone’s working lives so

much easier.

Well, it has - for everyone except the IT

department that is.

The introduction of do-it-yourself tech-

nologies such as data storage solutions,

security management products and ap-

plication development programs meant

that managing your IT infrastructure

was marketed as being far easier and

more cost efficient.

But the problem with these DIY options

is that the amount of time invested in

managing them completely counterbal-

ances any financial gain. IT managers

are expected to be experts in a million

different fields, with no time to focus

on any of them.

Better technology brings a greater num-

ber of management requirements. IT

managers are completely overloaded by

the demands of their working day, and

by the expectations that are set upon

their departments. And, in fact, these

expectations are only increasing.

According to the 2013 Gartner CEO

survey, 50% of CEOs expect to get more

strategic value from IT. This means that in

most cases, the IT manager doesn’t have

the time or capacity to manage the IT

department while simultaneously meeting

the CEO’s objectives and expectations.

So something has to give.

By outsourcing at least some sectors of the

IT department to a service provider that

will not only supply the solution but will

also manage and provide customer service,

the department can turn its focus back to

its core business. When the IT manager is

no longer juggling many different issues,

he or she can start thinking strategically.

In handing over the management of

key IT functions such as cloud, busi-

ness processes or disaster recovery to an

expert in that field, someone who lives

and breathes their specialty day in, day

out, the IT department can feel pretty

confident knowing that their data is

secure, that issues will be managed for

them and that they will be given real-time

advice on areas such as infrastructure,

data management or networking.

Better management will mean better

performance, and better performance

means there is more time to contribute

to the bigger picture. By removing the

low-hanging technical issues of the or-

ganisation, the IT manager will have the

time to invest in strategy, and to meet

the overall expectations of the business

and the CEO.

Angus Dorney is Director and General Manager of Rackspace for Australia and New Zealand. He has worked in a variety of different management, operational, strategy, sales and marketing roles in Australia and overseas.

35

A.B.N. 22 152 305 336www.westwick-farrow.com.au

All material published in this magazine is published in good faith and every care is taken to accurately relay information

provided to us. Readers are advised by the publishers to ensure that all necessary safety devices and precautions are installed

and safe working procedures adopted before the use of any equipment found or purchased through the information we

provide. Further, all performance criteria was provided by the representative company concerned and any dispute should

be referred to them. Information indicating that products are made in Australia or New Zealand is supplied by the source company. Westwick-Farrow Pty Ltd does not quantify the

amount of local content or the accuracy of the statement made by the source.

March 2014 Total CAB Audited Circulation

(Aust + NZ) 6,148

Printed and bound by Bluestar Print +61 2 9748 3411

w w w . t e c h n o l o g y d e c i s i o n s . c o m . a u

Editor Jonathan [email protected]

Chief Editor Janette [email protected]

Publisher Geoff [email protected]

Associate Publisher Glenn [email protected]

Art Director/Production Manager Julie [email protected]

If you have any queries regarding our privacy policy please email [email protected]

Head Office: Cnr Fox Valley Road & Kiogle Street (Locked Bag 1289), Wahroonga 2076 Australia Ph +61 2 9487 2700 Fax +61 2 9489 1265

Print Post Approved PP 100009359

ISSN 2201 - 148X

The magazine is available FREE to IT and business professionals. Go to the website now and complete the simple registration form.

w w w. t e c h n o l o g y d e c i s i o n s . c o m . a u / s u b s c r i b e

You can choose to receive the print magazine and/or the eMag. To ensure you are updated with key information between issues, sign up for the twice weekly eNewsletter too!

QUALIFYfor Technology Decisions and we will deliver you 6 information-packed editions FREE.

FREEall year

SUBSCRIBE(non-IT professionals) to Technology Decisions and you will pay* within Australia. Please apply for International rates.

$60.00*a year>>

>>>

Art/Production Tanya Scarselletti, Odette Boulton

Circulation Manager

Sue [email protected]

Copy Control Mitchie Mullins [email protected]

Advertising Sales

Liz Wilson Ph 0403 528 558 [email protected]

Glenn Silburn Ph 0422 931 499 [email protected]

AsiaLachlan Rainey Ph +61 (0) 402 157 [email protected]

http://www.con-nect.com.au

technology decisions aug/sep 2014

Documents

data breaches

serious data breach

big data

data centre landscape

declare2310 cool data

t e c h n o

o g y d e c i s i o

d e r s h i p i n n